Evaluate a risk score for each request

If you want to evaluate users' risk scores before they sign in to Okta, be sure that you configure the correct MFA requirements.

HealthInsight task recommendation

Configure a rule in your Okta sign-on policy that checks a user's risk score and prompts for MFA accordingly.

Okta recommends

Require high-risk users to provide MFA every time they sign in.

Security impact Moderate
End-user impact


Security policies are evaluated every time a user with medium or high risk levels attempts to access an app. These users must authenticate more frequently.

Require MFA for high-risk users

  1. In the Admin Console, go to SecurityOkta Sign-on Policy.

  2. Select the policy that you want to edit.

  3. In the Rules table, locate the rule that you want to edit and make these updates:

    • AND Risk is: High

    • Authentication is: Required

    • Users will be prompted for MFA: At every sign in

  4. Click Update Rule.

Related topics

Risk scoring

Configure an Okta sign-on policy